fix oidc
parent
8f7c0a3ac9
commit
a007314229
4 changed files with 42 additions and 16 deletions
|
|
@ -1,5 +1,4 @@
|
||||||
var OAuth2Strategy = require('passport-oauth2')
|
var OAuth2Strategy = require('passport-oauth2')
|
||||||
var authProvider = require('../../../models/authProvider')
|
|
||||||
var authUserAssoc = require('../../../models/authUserAssociation')
|
var authUserAssoc = require('../../../models/authUserAssociation')
|
||||||
var users = require('../../../models/users')
|
var users = require('../../../models/users')
|
||||||
var { hasNestedValue } = require('../../../utils')
|
var { hasNestedValue } = require('../../../utils')
|
||||||
|
|
@ -11,10 +10,6 @@ class PassportOAuth {
|
||||||
this.auth_name = auth_name
|
this.auth_name = auth_name
|
||||||
}
|
}
|
||||||
|
|
||||||
async getProviderInfo(auth_name){
|
|
||||||
return await authProvider.find(auth_name)
|
|
||||||
}
|
|
||||||
|
|
||||||
register(app, passport,endpoint, name, provider) {
|
register(app, passport,endpoint, name, provider) {
|
||||||
const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
|
const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
|
||||||
const self = this
|
const self = this
|
||||||
|
|
@ -44,14 +39,14 @@ class PassportOAuth {
|
||||||
if(hasNestedValue(userInfo,provider.OAUTH_ROLE_TEACHER_VALUE)) received_user.roles.push('teacher')
|
if(hasNestedValue(userInfo,provider.OAUTH_ROLE_TEACHER_VALUE)) received_user.roles.push('teacher')
|
||||||
if(hasNestedValue(userInfo,provider.OAUTH_ROLE_STUDENT_VALUE)) received_user.roles.push('student')
|
if(hasNestedValue(userInfo,provider.OAUTH_ROLE_STUDENT_VALUE)) received_user.roles.push('student')
|
||||||
|
|
||||||
const user_association = await authUserAssoc.find_user_association(self.auth_name._id,userInfo.sub)
|
const user_association = await authUserAssoc.find_user_association(self.auth_name._id,received_user.auth_id)
|
||||||
|
|
||||||
let user_account = null
|
let user_account = null
|
||||||
if(user_association){
|
if(user_association){
|
||||||
user_account = await users.getById(user_association.user_id)
|
user_account = await users.getById(user_association.user_id)
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
let user_id = await users.getId(userInfo.email)
|
let user_id = await users.getId(received_user.email)
|
||||||
user_account = user_id ? await users.getById(user_id) : await users.register(received_user.email,"")
|
user_account = user_id ? await users.getById(user_id) : await users.register(received_user.email,"")
|
||||||
await authUserAssoc.link(self.auth_name,received_user.auth_id,user_account._id)
|
await authUserAssoc.link(self.auth_name,received_user.auth_id,user_account._id)
|
||||||
}
|
}
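Review bot: The fallback branch links the external identity to whichever local account already owns `received_user.email` (`users.getId(received_user.email)` followed by `authUserAssoc.link(...)`), and nothing visible in this hunk checks that the provider has verified that address. If a configured provider accepts unverified e-mail addresses, a login there would be attached to another person's existing account; the same lookup-and-link sequence is added to the OpenID Connect strategy in this commit. Consider linking only when the provider asserts the address is verified (for OIDC, the standard `email_verified` claim), and otherwise creating a separate account or requiring confirmation. `users.register(received_user.email,"")` also creates the account with an empty password, so it is worth confirming that local password login rejects such accounts. The enclosing callback starts and ends outside the hunk.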
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,12 @@
|
||||||
var OpenIDConnectStrategy = require('passport-openidconnect')
|
var OpenIDConnectStrategy = require('passport-openidconnect')
|
||||||
|
var authUserAssoc = require('../../../models/authUserAssociation')
|
||||||
|
var users = require('../../../models/users')
|
||||||
|
var { hasNestedValue } = require('../../../utils')
|
||||||
|
|
||||||
class PassportOpenIDConnect {
|
class PassportOpenIDConnect {
|
||||||
constructor(passportjs,auth_id){
|
constructor(passportjs,auth_name){
|
||||||
this.passportjs = passportjs
|
this.passportjs = passportjs
|
||||||
this.auth_id = auth_id
|
this.auth_name = auth_name
|
||||||
}
|
}
|
||||||
|
|
||||||
async getConfigFromConfigURL(name,provider){
|
async getConfigFromConfigURL(name,provider){
|
||||||
|
|
@ -19,6 +22,7 @@ class PassportOpenIDConnect {
|
||||||
|
|
||||||
const config = await this.getConfigFromConfigURL(name,provider)
|
const config = await this.getConfigFromConfigURL(name,provider)
|
||||||
const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
|
const cb_url =`${process.env['BACKEND_URL']}${endpoint}/${name}/callback`
|
||||||
|
const self = this
|
||||||
|
|
||||||
passport.use(name, new OpenIDConnectStrategy({
|
passport.use(name, new OpenIDConnectStrategy({
|
||||||
issuer: config.issuer,
|
issuer: config.issuer,
|
||||||
|
|
@ -34,15 +38,35 @@ class PassportOpenIDConnect {
|
||||||
// patch pour la librairie permet d'obtenir les groupes, PR en cours mais "morte" : https://github.com/jaredhanson/passport-openidconnect/pull/101
|
// patch pour la librairie permet d'obtenir les groupes, PR en cours mais "morte" : https://github.com/jaredhanson/passport-openidconnect/pull/101
|
||||||
async function(req, issuer, profile, times, tok, done) {
|
async function(req, issuer, profile, times, tok, done) {
|
||||||
try {
|
try {
|
||||||
const user = {
|
const received_user = {
|
||||||
id: profile.id,
|
auth_id: profile.id,
|
||||||
email: profile.emails[0].value,
|
email: profile.emails[0].value,
|
||||||
name: profile.name.givenName,
|
name: profile.name.givenName,
|
||||||
groups: profile.groups[0].value ?? []
|
roles: []
|
||||||
};
|
};
|
||||||
return done(null, user);
|
|
||||||
|
if(hasNestedValue(profile,provider.OIDC_ROLE_TEACHER_VALUE)) received_user.roles.push('teacher')
|
||||||
|
if(hasNestedValue(profile,provider.OIDC_ROLE_STUDENT_VALUE)) received_user.roles.push('student')
|
||||||
|
|
||||||
|
const user_association = await authUserAssoc.find_user_association(self.auth_name._id,received_user.auth_id)
|
||||||
|
|
||||||
|
let user_account = null
|
||||||
|
if(user_association){
|
||||||
|
user_account = await users.getById(user_association.user_id)
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
let user_id = await users.getId(received_user.email)
|
||||||
|
user_account = user_id ? await users.getById(user_id) : await users.register(received_user.email,"")
|
||||||
|
await authUserAssoc.link(self.auth_name,received_user.auth_id,user_account._id)
|
||||||
|
}
|
||||||
|
|
||||||
|
user_account.name = received_user.name
|
||||||
|
user_account.roles = received_user.roles
|
||||||
|
await users.editUser(user_account)
|
||||||
|
self.passportjs.authenticate(user_account)
|
||||||
|
|
||||||
|
return done(null, user_account);
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
|
|
||||||
}
|
}
|
||||||
}));
|
}));
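Review bot: The `catch (error)` block around the verify callback is empty as shown, so any exception from the newly added calls (`find_user_association`, `users.getId`, `users.register`, `users.editUser`) is swallowed and `done` is never invoked. The same happens when a profile arrives without `emails[0]` or `name`, since `profile.emails[0].value` and `profile.name.givenName` are read unguarded. Pass the failure on with `return done(error);` and log it, so a failed sign-in ends the request and leaves a trace instead of hanging silently.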
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -52,11 +52,11 @@ class PassportJs{
|
||||||
|
|
||||||
|
|
||||||
register(userinfos){
|
register(userinfos){
|
||||||
this.authmanager.register(userinfos)
|
return this.authmanager.register(userinfos)
|
||||||
}
|
}
|
||||||
|
|
||||||
authenticate(userinfos){
|
authenticate(userinfos){
|
||||||
this.authmanager.login(userinfos)
|
return this.authmanager.login(userinfos)
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
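Review bot: `register` and `authenticate` now return whatever `authmanager.register` and `authmanager.login` return, but the call added to the OpenID Connect strategy in this commit, `self.passportjs.authenticate(user_account)`, is a bare statement that ignores that value. If `login` is asynchronous (its body is not visible here), the call site should read `await self.passportjs.authenticate(user_account)` so that a rejection reaches the surrounding `try` and `done` runs only after login has completed. A one-line JSDoc on both methods stating what they return would make the new contract explicit.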
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,13 @@ function hasNestedValue(obj, path, delimiter = "_") {
|
||||||
let current = obj;
|
let current = obj;
|
||||||
|
|
||||||
for (const key of keys) {
|
for (const key of keys) {
|
||||||
|
while(Array.isArray(current) && current.length == 1 && current[0]){
|
||||||
|
current = current[0]
|
||||||
|
}
|
||||||
|
while(current['value']){
|
||||||
|
current = current.value
|
||||||
|
}
|
||||||
|
|
||||||
if (current && typeof current === "object") {
|
if (current && typeof current === "object") {
|
||||||
if (Array.isArray(current)) {
|
if (Array.isArray(current)) {
|
||||||
const index = current.findIndex(x => x == key)
|
const index = current.findIndex(x => x == key)
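Review bot: The added `while(current['value'])` loop dereferences `current` before the existing `if (current && typeof current === "object")` guard, so it throws a TypeError if `current` is `null` or `undefined` at the top of an iteration; guard it, e.g. `while(current && current['value']){`. This helper decides whether the `teacher` and `student` roles are granted from provider-supplied profile data, and unwrapping single-element arrays and `value` keys widens what a configured role path can match. A comment naming the profile shapes the unwrapping is meant to handle would help. The rest of the function lies outside the hunk, so whether `current` can become nullish between iterations is not visible here.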
|
||||||
|
|
|
||||||